diff --git a/devices/hololens/hololens2-setup.md b/devices/hololens/hololens2-setup.md index 319644824d..79189a7cf6 100644 --- a/devices/hololens/hololens2-setup.md +++ b/devices/hololens/hololens2-setup.md @@ -62,7 +62,7 @@ To turn on your HoloLens 2, press the Power button. The LED lights below the Po | To turn on | Single button press. | All five lights turn on, then change to indicate the battery level. After four seconds, a sound plays. | | To sleep | Single button press. | All five lights turn on, then fade off one at a time. After the lights turn off, a sound plays and the screen displays "Goodbye." | | To wake from sleep | Single button press. | All five lights turn on, then change to indicate the battery level. A sound immediately plays. | -| To turn off | Press and for hold 5s. | All five lights turn on, then fade off one at a time. After the lights turn off, a sound plays and the screen displays "Goodbye." | +| To turn off | Press and hold for 5s. | All five lights turn on, then fade off one at a time. After the lights turn off, a sound plays and the screen displays "Goodbye." | | To force the Hololens to restart if it is unresponsive | Press and hold for 10s. | All five lights turn on, then fade off one at a time. After the lights turn off. | ## HoloLens behavior reference diff --git a/devices/surface-hub/on-premises-deployment-surface-hub-device-accounts.md b/devices/surface-hub/on-premises-deployment-surface-hub-device-accounts.md index 7f3793ed3f..88b0653b00 100644 --- a/devices/surface-hub/on-premises-deployment-surface-hub-device-accounts.md +++ b/devices/surface-hub/on-premises-deployment-surface-hub-device-accounts.md @@ -49,7 +49,8 @@ If you have a single-forest on-premises deployment with Microsoft Exchange 2013 ```PowerShell New-Mailbox -UserPrincipalName HUB01@contoso.com -Alias HUB01 -Name "Hub-01" -Room -EnableRoomMailboxAccount $true -RoomMailboxPassword (ConvertTo-SecureString -String -AsPlainText -Force) ``` -[!IMPORTANT] ActiveSync Virtual Directory Basic Authentication is required to be enabled as the Surface Hub is unable to authenticate using other authentication methods. +> [!IMPORTANT] +> ActiveSync Virtual Directory Basic Authentication is required to be enabled as the Surface Hub is unable to authenticate using other authentication methods. 3. After setting up the mailbox, you will need to either create a new Exchange ActiveSync policy, or use a compatible existing policy. diff --git a/devices/surface/microsoft-surface-brightness-control.md b/devices/surface/microsoft-surface-brightness-control.md index 47c2ffed10..1761581ced 100644 --- a/devices/surface/microsoft-surface-brightness-control.md +++ b/devices/surface/microsoft-surface-brightness-control.md @@ -46,9 +46,14 @@ documentation](https://docs.microsoft.com/windows/desktop/sysinfo/registry). 1. Run regedit from a command prompt to open the Windows Registry Editor. - - Computer\HKEY\_LOCAL\_MACHINE\SOFTWARE\Microsoft\Surface\Surface + - Computer\HKEY\_LOCAL\_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Surface\Surface Brightness Control\ - + + If you're running an older version of Surface Brightness control, run the following command instead: + + - Computer\HKEY\_LOCAL\_MACHINE\SOFTWARE\Microsoft\Surface\Surface + Brightness Control\ + | Registry Setting | Data| Description |-----------|------------|--------------- diff --git a/windows/deployment/update/waas-overview.md b/windows/deployment/update/waas-overview.md index 4f6bf5db20..1b1a144c38 100644 --- a/windows/deployment/update/waas-overview.md +++ b/windows/deployment/update/waas-overview.md @@ -174,7 +174,7 @@ With all these options, which an organization chooses depends on the resources, | Windows Update | Yes (manual) | No | Delivery Optimization | None| | Windows Update for Business | Yes | No | Delivery Optimization | Other Group Policy objects | | WSUS | Yes | Yes | BranchCache or Delivery Optimization | Upstream/downstream server scalability | -| Configuration Manager | Yes | Yes | BranchCache, Client Peer Cache | Distribution points, multiple deployment options | +| Configuration Manager | Yes | Yes | BranchCache, Client Peer Cache, or Delivery Optimization. For the latter, see [peer-to-peer content distribution](https://docs.microsoft.com/configmgr/sum/deploy-use/optimize-windows-10-update-delivery#peer-to-peer-content-distribution) and [Optimize Windows 10 Update Delivery](https://docs.microsoft.com/windows/deployment/update/waas-optimize-windows-10-updates) | Distribution points, multiple deployment options | >[!NOTE] >Due to [naming changes](#naming-changes), older terms like CB and CBB might still be displayed in some of our products, such as in Group Policy. If you encounter these terms, "CB" refers to the Semi-Annual Channel (Targeted)--which is no longer used--while "CBB" refers to the Semi-Annual Channel. diff --git a/windows/release-information/resolved-issues-windows-10-1507.yml b/windows/release-information/resolved-issues-windows-10-1507.yml index d782b8d33e..1469d2dcf0 100644 --- a/windows/release-information/resolved-issues-windows-10-1507.yml +++ b/windows/release-information/resolved-issues-windows-10-1507.yml @@ -35,7 +35,6 @@ sections:
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >OS Build 10240.18334

September 23, 2019
KB4522009Resolved
KB4520011October 08, 2019
10:00 AM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 10240.18305

August 13, 2019
KB4512497Resolved
KB4517276August 17, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >OS Build 10240.18244

June 11, 2019
KB4503291Resolved External
August 09, 2019
07:03 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may see an error or the app may close.

See details >OS Build 10240.18244

June 11, 2019
KB4503291Resolved
KB4507458July 09, 2019
10:00 AM PT " @@ -64,12 +63,3 @@ sections:
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on your Apple MacOS device when trying to access network shares via CIFS or SMBv1 on a Windows devices that has installed updates on June 11, 2019 (KB4503291) or later. When you encounter this issue, in MacOS you may receive the error, “There was a problem connecting to the server “{Server Host Name}”. Check the server name or IP address, and then try again. If you continue to have problems, contact your system administrator.”

Affected platforms:
Resolution: For guidance on this issue, see the Apple support article If your Mac can't use NTLM to connect to a Windows server. There is no update for Windows needed for this issue.

Back to topOS Build 10240.18244

June 11, 2019
KB4503291Resolved External
Last updated:
August 09, 2019
07:03 PM PT

Opened:
August 09, 2019
04:25 PM PT " - -- title: June 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4507458.

Back to top		OS Build 10240.18244

June 11, 2019
KB4503291		Resolved
KB4507458		Resolved:
July 09, 2019
10:00 AM PT

Opened:
June 12, 2019
11:11 AM PT
- " diff --git a/windows/release-information/resolved-issues-windows-10-1607.yml b/windows/release-information/resolved-issues-windows-10-1607.yml index 84bc5ffff2..404538ea70 100644 --- a/windows/release-information/resolved-issues-windows-10-1607.yml +++ b/windows/release-information/resolved-issues-windows-10-1607.yml @@ -42,11 +42,6 @@ sections:
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >OS Build 14393.3025

June 11, 2019
KB4503267Resolved External
August 09, 2019
07:03 PM PT
SCVMM cannot enumerate and manage logical switches deployed on the host
System Center Virtual Machine Manager cannot enumerate and manage logical switches deployed on managed hosts.

See details >OS Build 14393.2639

November 27, 2018
KB4467684Resolved
KB4507459July 16, 2019
10:00 AM PT
Some applications may fail to run as expected on clients of AD FS 2016
Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016)

See details >OS Build 14393.2941

April 25, 2019
KB4493473Resolved
KB4507459July 16, 2019
10:00 AM PT -
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000.

See details >OS Build 14393.2969

May 14, 2019
KB4494440Resolved
KB4507460July 09, 2019
10:00 AM PT -
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >OS Build 14393.2999

May 23, 2019
KB4499177Resolved
KB4509475June 27, 2019
02:00 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may see an error or the app may close.

See details >OS Build 14393.3025

June 11, 2019
KB4503267Resolved
KB4503294June 18, 2019
02:00 PM PT -
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >OS Build 14393.2999

May 23, 2019
KB4499177Resolved
KB4503267June 11, 2019
10:00 AM PT -
Issue using PXE to start a device from WDS
There may be issues using PXE to start a device from a WDS server configured to use Variable Window Extension.

See details >OS Build 14393.2848

March 12, 2019
KB4489882Resolved
KB4503267June 11, 2019
10:00 AM PT " @@ -96,27 +91,6 @@ sections: text: " - - - -
DetailsOriginating updateStatusHistory
Some applications may fail to run as expected on clients of AD FS 2016
Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016) after installation of KB4493473 on the server. Applications that may exhibit this behavior use an IFRAME during non-interactive authentication requests and receive X-Frame Options set to DENY.

Affected platforms:
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4507459.

Back to top		OS Build 14393.2941

April 25, 2019
KB4493473		Resolved
KB4507459		Resolved:
July 16, 2019
10:00 AM PT

Opened:
June 04, 2019
05:55 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499177. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509475.

Back to top		OS Build 14393.2999

May 23, 2019
KB4499177		Resolved
KB4509475		Resolved:
June 27, 2019
02:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503294.

Back to top		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4503294		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4503267.

Back to top		OS Build 14393.2999

May 23, 2019
KB4499177		Resolved
KB4503267		Resolved:
June 11, 2019
10:00 AM PT

Opened:
June 05, 2019
05:49 PM PT
- " - -- title: May 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing KB4494440 and restarting.

Affected platforms:
  • Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Resolution: This issue was resolved in KB4507460.

Back to top		OS Build 14393.2969

May 14, 2019
KB4494440		Resolved
KB4507460		Resolved:
July 09, 2019
10:00 AM PT

Opened:
May 21, 2019
08:50 AM PT
- " - -- title: March 2019 -- items: - - type: markdown - text: " - -
DetailsOriginating updateStatusHistory
Issue using PXE to start a device from WDS
After installing KB4489882, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4503267.

Back to top		OS Build 14393.2848

March 12, 2019
KB4489882		Resolved
KB4503267		Resolved:
June 11, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml index 35c7f5856c..92e479f7e8 100644 --- a/windows/release-information/resolved-issues-windows-10-1709.yml +++ b/windows/release-information/resolved-issues-windows-10-1709.yml @@ -38,9 +38,6 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 16299.1217

June 11, 2019
KB4503284Resolved
KB4512494August 16, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 16299.1331

August 13, 2019
KB4512516Resolved
KB4512494August 16, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >OS Build 16299.1217

June 11, 2019
KB4503284Resolved External
August 09, 2019
07:03 PM PT -
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >OS Build 16299.1182

May 28, 2019
KB4499147Resolved
KB4509477June 26, 2019
04:00 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may see an error or the app may close.

See details >OS Build 16299.1217

June 11, 2019
KB4503284Resolved
KB4503281June 18, 2019
02:00 PM PT -
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >OS Build 16299.1182

May 28, 2019
KB4499147Resolved
KB4503284June 11, 2019
10:00 AM PT " @@ -81,14 +78,3 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503284 on a WDS server.

Affected platforms:
Resolution: This issue was resolved in KB4512494.

Back to topOS Build 16299.1217

June 11, 2019
KB4503284Resolved
KB4512494Resolved:
August 16, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT " - -- title: June 2019 -- items: - - type: markdown - text: " - - - - -
DetailsOriginating updateStatusHistory
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499147. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509477.

Back to top		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4509477		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503281.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4503281		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4503284.

Back to top		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4503284		Resolved:
June 11, 2019
10:00 AM PT

Opened:
June 05, 2019
05:49 PM PT
- " diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml index 9aadd14d5a..378576d142 100644 --- a/windows/release-information/resolved-issues-windows-10-1803.yml +++ b/windows/release-information/resolved-issues-windows-10-1803.yml @@ -41,9 +41,6 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved
KB4512509August 19, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 17134.950

August 13, 2019
KB4512501Resolved
KB4512509August 19, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved External
August 09, 2019
07:03 PM PT -
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >OS Build 17134.799

May 21, 2019
KB4499183Resolved
KB4509478June 26, 2019
04:00 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may see an error or the app may close.

See details >OS Build 17134.829

June 11, 2019
KB4503286Resolved
KB4503288June 18, 2019
02:00 PM PT -
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >OS Build 17134.799

May 21, 2019
KB4499183Resolved
KB4503286June 11, 2019
10:00 AM PT " @@ -93,8 +90,5 @@ sections: text: " - - -
DetailsOriginating updateStatusHistory
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Resolution: This issue was resolved in KB4519978.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4519978		Resolved:
October 15, 2019
10:00 AM PT

Opened:
June 14, 2019
04:41 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499183. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509478.

Back to top		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503288.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4503288		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4503286.

Back to top		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4503286		Resolved:
June 11, 2019
10:00 AM PT

Opened:
June 05, 2019
05:49 PM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml index f6351c2c0b..82cba46203 100644 --- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -42,12 +42,6 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >OS Build 17763.557

June 11, 2019
KB4503327Resolved
KB4512534August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >OS Build 17763.678

August 13, 2019
KB4511553Resolved
KB4512534August 17, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >OS Build 17763.557

June 11, 2019
KB4503327Resolved External
August 09, 2019
07:03 PM PT -
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >OS Build 17763.529

May 21, 2019
KB4497934Resolved
KB4509479June 26, 2019
04:00 PM PT -
Devices with Realtek Bluetooth radios drivers may not pair or connect as expected
Devices with some Realtek Bluetooth radios drivers may have issues pairing or connecting to devices.

See details >OS Build 17763.503

May 14, 2019
KB4494441Resolved
KB4501371June 18, 2019
02:00 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may see an error or the app may close.

See details >OS Build 17763.557

June 11, 2019
KB4503327Resolved
KB4501371June 18, 2019
02:00 PM PT -
Printing from Microsoft Edge or other UWP apps may result in the error 0x80070007
Attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) apps, you may receive an error.

See details >OS Build 17763.379

March 12, 2019
KB4489899Resolved
KB4501371June 18, 2019
02:00 PM PT -
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >OS Build 17763.529

May 21, 2019
KB4497934Resolved
KB4503327June 11, 2019
10:00 AM PT -
Issue using PXE to start a device from WDS
Using PXE to start a device from a WDS server configured to use Variable Window Extension may terminate the connection.

See details >OS Build 17763.379

March 12, 2019
KB4489899Resolved
KB4503327June 11, 2019
10:00 AM PT " @@ -106,27 +100,5 @@ sections: text: " - - - - -
DetailsOriginating updateStatusHistory
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Resolution: This issue was resolved in KB4520062.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4520062		Resolved:
October 15, 2019
10:00 AM PT

Opened:
June 14, 2019
04:41 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4497934. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509479.

Back to top		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4509479		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Devices with Realtek Bluetooth radios drivers may not pair or connect as expected
In some circumstances, devices with Realtek Bluetooth radios may have issues pairing or connecting to Bluetooth devices due to a driver issue.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server 2019
Resolution: This issue was resolved in KB4501371.

Back to top		OS Build 17763.503

May 14, 2019
KB4494441		Resolved
KB4501371		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 14, 2019
05:45 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4501371.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4501371		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4503327.

Back to top		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4503327		Resolved:
June 11, 2019
10:00 AM PT

Opened:
June 05, 2019
05:49 PM PT
- " - -- title: May 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Printing from Microsoft Edge or other UWP apps may result in the error 0x80070007
When attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) applications you may receive the error, \"Your printer has experienced an unexpected configuration problem. 0x80070007e.\"
 
Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4501371

Back to top		OS Build 17763.379

March 12, 2019
KB4489899		Resolved
KB4501371		Resolved:
June 18, 2019
02:00 PM PT

Opened:
May 02, 2019
04:47 PM PT
- " - -- title: March 2019 -- items: - - type: markdown - text: " - -
DetailsOriginating updateStatusHistory
Issue using PXE to start a device from WDS
After installing KB4489899, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension. 

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
Resolution: This issue was resolved in KB4503327.

Back to top		OS Build 17763.379

March 12, 2019
KB4489899		Resolved
KB4503327		Resolved:
June 11, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
" diff --git a/windows/release-information/resolved-issues-windows-10-1903.yml b/windows/release-information/resolved-issues-windows-10-1903.yml index dffdd5ba5f..f6f7b30864 100644 --- a/windows/release-information/resolved-issues-windows-10-1903.yml +++ b/windows/release-information/resolved-issues-windows-10-1903.yml @@ -38,7 +38,6 @@ sections:
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive error code 0x80073701.

See details >OS Build 18362.145

May 29, 2019
KB4497935Resolved
November 12, 2019
08:11 AM PT
Intel Audio displays an intcdaud.sys notification
Devices with a range of Intel Display Audio device drivers may experience battery drain.

See details >OS Build 18362.116

May 21, 2019
KB4505057Resolved External
November 12, 2019
08:04 AM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

See details >OS Build 18362.116

May 21, 2019
KB4505057Resolved
KB4505903July 26, 2019
02:00 PM PT -
Cannot launch Camera app
Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

See details >OS Build 18362.116

May 21, 2019
KB4505057Resolved
KB4501375June 27, 2019
10:00 AM PT
Unable to discover or connect to Bluetooth devices using some Qualcomm adapters
Microsoft has identified compatibility issues with some versions of Qualcomm Bluetooth radio drivers.

See details >OS Build 18362.116

May 21, 2019
KB4505057Resolved
KB4517389October 08, 2019
10:00 AM PT
Safeguard on certain devices with some Intel and Broadcom Wi-Fi adapters
Some devices with Intel Centrino 6205/6235 and Broadcom 802.11ac Wi-Fi cards may experience compatibility issues.

See details >N/A

Resolved
KB4522355October 24, 2019
10:00 AM PT
dGPU occasionally disappear from device manager on Surface Book 2
Some apps or games may close or fail to open on Surface Book 2 devices with Nvidia dGPU.

See details >OS Build 18362.145

May 29, 2019
KB4497935Resolved
October 18, 2019
04:33 PM PT @@ -57,10 +56,6 @@ sections:
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >OS Build 18362.175

June 11, 2019
KB4503293Resolved External
August 09, 2019
07:03 PM PT
Display brightness may not respond to adjustments
Devices configured with certain Intel display drivers may experience a driver compatibility issue.

See details >OS Build 18362.116

May 21, 2019
KB4505057Resolved
KB4505903July 26, 2019
02:00 PM PT
RASMAN service may stop working and result in the error “0xc0000005”
The RASMAN service may stop working with VPN profiles configured as an Always On VPN connection.

See details >OS Build 18362.145

May 29, 2019
KB4497935Resolved
KB4505903July 26, 2019
02:00 PM PT -
Loss of functionality in Dynabook Smartphone Link app
Users who update to Windows 10, version 1903 may experience a loss of functionality with Dynabook Smartphone Link.

See details >OS Build 18362.116

May 21, 2019
KB4505057Resolved
July 11, 2019
01:54 PM PT -
Error attempting to update with external USB device or memory card attached
PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

See details >OS Build 18362.116

May 21, 2019
KB4505057Resolved
July 11, 2019
01:53 PM PT -
Audio not working with Dolby Atmos headphones and home theater
Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

See details >OS Build 18362.116

May 21, 2019
KB4505057Resolved
July 11, 2019
01:53 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may see an error or the app may close.

See details >OS Build 18362.175

June 11, 2019
KB4503293Resolved
KB4501375June 27, 2019
10:00 AM PT " @@ -127,7 +122,6 @@ sections: text: " -
DetailsOriginating updateStatusHistory
RASMAN service may stop working and result in the error “0xc0000005”
The Remote Access Connection Manager (RASMAN) service may stop working and you may receive the error “0xc0000005” on devices where the diagnostic data level is manually configured to the non-default setting of 0. You may also receive an error in the Application section of Windows Logs in Event Viewer with Event ID 1000 referencing “svchost.exe_RasMan” and “rasman.dll”.

This issue only occurs when a VPN profile is configured as an Always On VPN (AOVPN) connection with or without device tunnel. This does not affect manual only VPN profiles or connections.

Affected platforms
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4505903.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
KB4505903		Resolved:
July 26, 2019
02:00 PM PT

Opened:
June 28, 2019
05:01 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4501375.

Back to top		OS Build 18362.175

June 11, 2019
KB4503293		Resolved
KB4501375		Resolved:
June 27, 2019
10:00 AM PT

Opened:
June 12, 2019
11:11 AM PT
" @@ -140,11 +134,7 @@ sections:
Unable to discover or connect to Bluetooth devices using some Realtek adapters
Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

Affected platforms:
Resolution: This issue was resolved with an updated driver for the affected Realtek Bluetooth radio and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1909 or Windows 10, version 1903.

Back to topOS Build 18362.116

May 21, 2019
KB4505057Resolved External
Last updated:
November 15, 2019
05:59 PM PT

Opened:
May 21, 2019
07:29 AM PT
Intel Audio displays an intcdaud.sys notification
Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).
  
To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.

Affected platforms:
Resolution: This issue was resolved with updated drivers from your device manufacturer (OEM) or Intel. The safeguard hold has been removed.

Note If you are still experiencing the issue described, please contact your device manufacturer (OEM).

Back to topOS Build 18362.116

May 21, 2019
KB4505057Resolved External
Last updated:
November 12, 2019
08:04 AM PT

Opened:
May 21, 2019
07:22 AM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

Microsoft has identified some scenarios in which these features may have issues or stop working, for example:
Affected platforms:
Resolution: This issue was resolved in KB4505903 and the safeguard hold has been removed.

Back to topOS Build 18362.116

May 21, 2019
KB4505057Resolved
KB4505903Resolved:
July 26, 2019
02:00 PM PT

Opened:
May 21, 2019
07:28 AM PT -
Cannot launch Camera app
Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:
        \"Close other apps, error code: 0XA00F4243.”

To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
Resolution: This issue was resolved in KB4501375 and the safeguard hold has been removed.

Back to topOS Build 18362.116

May 21, 2019
KB4505057Resolved
KB4501375Resolved:
June 27, 2019
10:00 AM PT

Opened:
May 21, 2019
07:20 AM PT
Windows Sandbox may fail to start with error code “0x80070002”
Windows Sandbox may fail to start with \"ERROR_FILE_NOT_FOUND (0x80070002)\" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

Affected platforms:
Resolution: This issue was resolved in KB4512941.

Back to topOS Build 18362.116

May 21, 2019
KB4505057Resolved
KB4512941Resolved:
August 30, 2019
10:00 AM PT

Opened:
May 24, 2019
04:20 PM PT
Display brightness may not respond to adjustments
Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Windows 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
Resolution: This issue was resolved in KB4505903 and the safeguard hold has been removed. Please ensure you have applied the resolving update before attempting to update to the Windows 10 May 2019 Update (version 1903). Please note, it can take up to 48 hours for the safeguard to be removed.

Back to topOS Build 18362.116

May 21, 2019
KB4505057Resolved
KB4505903Resolved:
July 26, 2019
02:00 PM PT

Opened:
May 21, 2019
07:56 AM PT -
Loss of functionality in Dynabook Smartphone Link app
Some users may experience a loss of functionality after updating to Windows 10, version 1903 when using the Dynabook Smartphone Link application on Windows devices. Loss of functionality may affect the display of phone numbers in the Call menu and the ability to answer phone calls on the Windows PC.

To safeguard your update experience, we have applied a compatibility hold on devices with Dynabook Smartphone Link from being offered Windows 10, version 1903, until this issue is resolved.

Affected platforms:
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to topOS Build 18362.116

May 21, 2019
KB4505057Resolved
Resolved:
July 11, 2019
01:54 PM PT

Opened:
May 24, 2019
03:10 PM PT -
Error attempting to update with external USB device or memory card attached
If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

Affected platforms:
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to topOS Build 18362.116

May 21, 2019
KB4505057Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:38 AM PT -
Audio not working with Dolby Atmos headphones and home theater
After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
 
This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
 
To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

Affected platforms:
Resolution: This issue is now resolved and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to Windows 10, version 1903.

Back to topOS Build 18362.116

May 21, 2019
KB4505057Resolved
Resolved:
July 11, 2019
01:53 PM PT

Opened:
May 21, 2019
07:16 AM PT " diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index 3ba826b5ad..7401114369 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -39,8 +39,6 @@ sections:
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512506Resolved
KB4517297August 16, 2019
02:00 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices running certain McAfee Endpoint security applications may be slow or unresponsive at startup.

See details >April 09, 2019
KB4493472Resolved External
August 13, 2019
06:59 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >June 11, 2019
KB4503292Resolved External
August 09, 2019
07:03 PM PT -
IE11 may stop working when loading or interacting with Power BI reports
Power BI reports that contain line charts with markers may cause Internet Explorer 11 to stop working.

See details >May 14, 2019
KB4499164Resolved
KB4503277June 20, 2019
02:00 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may see an error or the app may close.

See details >June 11, 2019
KB4503292Resolved
KB4503277June 20, 2019
02:00 PM PT " @@ -81,16 +79,6 @@ sections: " -- title: June 2019 -- items: - - type: markdown - text: " - - - -
DetailsOriginating updateStatusHistory
IE11 may stop working when loading or interacting with Power BI reports
Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.


Affected platforms:
  • Client: Windows 7 SP1; Windows 8.1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2

Resolution: This issue was resolved in Preview Rollup KB4503277. If you are using the Internet Explorer cumulative updates, this issue was resolved in KB4508646.

Back to top		May 14, 2019
KB4499164		Resolved
KB4503277		Resolved:
June 20, 2019
02:00 PM PT

Opened:
June 07, 2019
02:57 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503277. If you are using Security Only updates, see KB4508640 for resolving KB for your platform.

Back to top		June 11, 2019
KB4503292		Resolved
KB4503277		Resolved:
June 20, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
- " - - title: April 2019 - items: - type: markdown diff --git a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml index be34bac3ce..d7ed2c1633 100644 --- a/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/resolved-issues-windows-8.1-and-windows-server-2012-r2.yml @@ -39,9 +39,6 @@ sections:
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512488Resolved
KB4517298August 16, 2019
02:00 PM PT
System may be unresponsive after restart with certain McAfee antivirus products
Devices running certain McAfee Endpoint security applications may be slow or unresponsive at startup.

See details >April 09, 2019
KB4493446Resolved External
August 13, 2019
06:59 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >June 11, 2019
KB4503276Resolved External
August 09, 2019
07:03 PM PT -
IE11 may stop working when loading or interacting with Power BI reports
Power BI reports that contain line charts with markers may cause Internet Explorer 11 to stop working.

See details >May 14, 2019
KB4499151Resolved
KB4503283June 20, 2019
02:00 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may see an error or the app may close.

See details >June 11, 2019
KB4503276Resolved
KB4503283June 20, 2019
02:00 PM PT -
Issue using PXE to start a device from WDS
There may be issues using PXE to start a device from a WDS server configured to use Variable Window Extension.

See details >March 12, 2019
KB4489881Resolved
KB4503276June 11, 2019
10:00 AM PT " @@ -90,16 +87,6 @@ sections: " -- title: June 2019 -- items: - - type: markdown - text: " - - - -
DetailsOriginating updateStatusHistory
IE11 may stop working when loading or interacting with Power BI reports
Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.


Affected platforms:
  • Client: Windows 7 SP1; Windows 8.1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2

Resolution: This issue was resolved in Preview Rollup KB4503283. If you are using the Internet Explorer cumulative updates, this issue was resolved in KB4508646.

Back to top		May 14, 2019
KB4499151		Resolved
KB4503283		Resolved:
June 20, 2019
02:00 PM PT

Opened:
June 07, 2019
02:57 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503283. If you are using Security Only updates, see KB4508640 for resolving KB for your platform.

Back to top		June 11, 2019
KB4503276		Resolved
KB4503283		Resolved:
June 20, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
- " - - title: April 2019 - items: - type: markdown @@ -108,12 +95,3 @@ sections:
System may be unresponsive after restart with certain McAfee antivirus products
Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update. 

Affected platforms:
Resolution: This issue has been resolved. McAfee has released an automatic update to address this issue. Guidance for McAfee customers can be found in the following McAfee support articles:  

Back to topApril 09, 2019
KB4493446Resolved External
Last updated:
August 13, 2019
06:59 PM PT

Opened:
April 09, 2019
10:00 AM PT " - -- title: March 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Issue using PXE to start a device from WDS
After installing KB4489881, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012 
Resolution: This issue was resolved in KB4503276.

Back to top		March 12, 2019
KB4489881		Resolved
KB4503276		Resolved:
June 11, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
- " diff --git a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml index c0a8e854fa..18fc3ff189 100644 --- a/windows/release-information/resolved-issues-windows-server-2008-sp2.yml +++ b/windows/release-information/resolved-issues-windows-server-2008-sp2.yml @@ -37,7 +37,6 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >June 11, 2019
KB4503273Resolved
KB4512499August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512476Resolved
KB4517301August 16, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >June 11, 2019
KB4503273Resolved External
August 09, 2019
07:03 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may see an error or the app may close.

See details >June 11, 2019
KB4503273Resolved
KB4503271June 20, 2019
02:00 PM PT " @@ -76,12 +75,3 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503273 on a WDS server.

Affected platforms:
Resolution: This issue was resolved in KB4512499.

Back to topJune 11, 2019
KB4503273Resolved
KB4512499Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT " - -- title: June 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503271. If you are using Security Only updates, see KB4508640 for resolving KB for your platform.

Back to top		June 11, 2019
KB4503273		Resolved
KB4503271		Resolved:
June 20, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
- " diff --git a/windows/release-information/resolved-issues-windows-server-2012.yml b/windows/release-information/resolved-issues-windows-server-2012.yml index 268770f5d8..c2bef06cf8 100644 --- a/windows/release-information/resolved-issues-windows-server-2012.yml +++ b/windows/release-information/resolved-issues-windows-server-2012.yml @@ -37,10 +37,6 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using PXE images from Windows Deployment Services (WDS) may fail to start with error \"0xc0000001.\"

See details >June 11, 2019
KB4503285Resolved
KB4512512August 17, 2019
02:00 PM PT
Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error
Applications made using VB6, macros using VBA, and VBScript may stop responding and you may receive an error.

See details >August 13, 2019
KB4512518Resolved
KB4517302August 16, 2019
02:00 PM PT
MacOS may be unable to access network shares via CIFS or SMBv1 on Windows devices
You may receive an error on MacOS when trying to access network shares via CIFS or SMBv1 on certain Windows devices.

See details >June 11, 2019
KB4503285Resolved External
August 09, 2019
07:03 PM PT -
Some devices and generation 2 Hyper-V VMs may have issues installing updates
Some devices and generation 2 Hyper-V VMs may have issues installing some updates when Secure Boot is enabled.

See details >June 11, 2019
KB4503285Resolved
KB4503295June 21, 2019
02:00 PM PT -
IE11 may stop working when loading or interacting with Power BI reports
Power BI reports that contain line charts with markers may cause Internet Explorer 11 to stop working.

See details >May 14, 2019
KB4499171Resolved
KB4503295June 21, 2019
02:00 PM PT -
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may see an error or the app may close.

See details >June 11, 2019
KB4503285Resolved
KB4503295June 20, 2019
02:00 PM PT -
Issue using PXE to start a device from WDS
There may be issues using PXE to start a device from a WDS server configured to use Variable Window Extension.

See details >March 12, 2019
KB4489891Resolved
KB4503285June 11, 2019
10:00 AM PT " @@ -87,23 +83,3 @@ sections:
Devices starting using PXE from a WDS or SCCM servers may fail to start
Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503285 on a WDS server.

Affected platforms:
Resolution: This issue was resolved in KB4512512.

Back to topJune 11, 2019
KB4503285Resolved
KB4512512Resolved:
August 17, 2019
02:00 PM PT

Opened:
July 10, 2019
02:51 PM PT " - -- title: June 2019 -- items: - - type: markdown - text: " - - - - -
DetailsOriginating updateStatusHistory
Some devices and generation 2 Hyper-V VMs may have issues installing updates
Some devices and generation 2 Hyper-V virtual machines (VMs) may have issues installing KB4503285 or later updates when Secure Boot is enabled.

Affected platforms:
  • Server: Windows Server 2012
Resolution: This issue was resolved in KB4503295. If your device is using Security Only updates, this issue was resolved in KB4508776.

Back to top		June 11, 2019
KB4503285		Resolved
KB4503295		Resolved:
June 21, 2019
02:00 PM PT

Opened:
June 19, 2019
04:57 PM PT
IE11 may stop working when loading or interacting with Power BI reports
Internet Explorer 11 may stop working when loading or interacting with Power BI reports that have line charts with markers. This issue may also occur when viewing other content that contains Scalable Vector Graphics (SVG) markers.


Affected platforms:
  • Client: Windows 7 SP1; Windows 8.1
  • Server: Windows Server 2008 R2 SP1; Windows Server 2012; Windows Server 2012 R2

Resolution: This issue was resolved in Preview Rollup KB4503295. If you are using the Internet Explorer cumulative updates, this issue was resolved in KB4508646.

Back to top		May 14, 2019
KB4499171		Resolved
KB4503295		Resolved:
June 21, 2019
02:00 PM PT

Opened:
June 07, 2019
02:57 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503295. If you are using Security Only updates, see KB4508640 for resolving KB for your platform.

Back to top		June 11, 2019
KB4503285		Resolved
KB4503295		Resolved:
June 20, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
- " - -- title: March 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Issue using PXE to start a device from WDS
After installing KB4489891, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.

Affected platforms: 
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012 
Resolution: This issue was resolved in KB4503285.

Back to top		March 12, 2019
KB4489891		Resolved
KB4503285		Resolved:
June 11, 2019
10:00 AM PT

Opened:
March 12, 2019
10:00 AM PT
- " diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index 88e42ce4a7..b45f2a51e5 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -64,7 +64,6 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- @@ -93,7 +92,6 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Microsoft Defender Advanced Threat Protection might stop running
The Microsoft Defender ATP service might stop running and might fail to send reporting data.

See details >		OS Build 17763.832

October 15, 2019
KB4520062		Resolved
KB4523205		November 12, 2019
10:00 AM PT
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 17763.737

September 10, 2019
KB4512578		Mitigated
November 12, 2019
08:05 AM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 17763.805

October 08, 2019
KB4519338		Mitigated External
November 05, 2019
03:36 PM PT
Devices with some Asian language packs installed may receive an error
Devices with Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"

See details >		OS Build 17763.437

April 09, 2019
KB4493509		Mitigated
May 03, 2019
10:59 AM PT
-
DetailsOriginating updateStatusHistory
Microsoft Defender Advanced Threat Protection might stop running
After installing the optional non-security update (KB4520062), the Microsoft Defender Advanced Threat Protection (ATP) service might stop running and might fail to send reporting data. You might also receive a 0xc0000409 error in Event Viewer on MsSense.exe.

Note Microsoft Windows Defender Antivirus is not affected by this issue.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Resolution: This issue was resolved in KB4523205.

Back to top		OS Build 17763.832

October 15, 2019
KB4520062		Resolved
KB4523205		Resolved:
November 12, 2019
10:00 AM PT

Opened:
October 17, 2019
05:14 PM PT
Unable to create local users in Chinese, Japanese and Korean during device setup
When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

Note This issue does not affect using a Microsoft Account during OOBE.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Workaround: To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using these instructions. If you prefer to create a new local user, see KB4026923.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.737

September 10, 2019
KB4512578		Mitigated
Last updated:
November 12, 2019
08:05 AM PT

Opened:
October 29, 2019
05:15 PM PT
" diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index e89546389a..695f9e9477 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -64,14 +64,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- - - - - -
SummaryOriginating updateStatusLast updated
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 18362.356

September 10, 2019
KB4515384		Resolved
KB4530684		December 10, 2019
10:00 AM PT
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some versions of Avast and AVG Antivirus.

See details >		N/A

Mitigated External
November 25, 2019
05:25 PM PT
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved External
November 22, 2019
04:10 PM PT
Unable to discover or connect to Bluetooth devices using some Realtek adapters
Microsoft has identified compatibility issues with some versions of Realtek Bluetooth radio drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved External
November 15, 2019
05:59 PM PT
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive error code 0x80073701.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
November 12, 2019
08:11 AM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		OS Build 18362.418

October 08, 2019
KB4517389		Mitigated External
November 05, 2019
03:36 PM PT
Intel Audio displays an intcdaud.sys notification
Devices with a range of Intel Display Audio device drivers may experience battery drain.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved External
November 12, 2019
08:04 AM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4505903		July 26, 2019
02:00 PM PT
" @@ -91,33 +85,3 @@ sections:
TLS connections might fail or timeout
Updates for Windows released October 8, 2019 or later provide protections, tracked by CVE-2019-1318, against an attack that could allow unauthorized access to information or data within TLS connections. This type of attack is known as a man-in-the-middle exploit. Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (RFC 7627). Lack of RFC support might cause one or more of the following errors or logged events:
Affected platforms:

Next Steps: Connections between two devices running any supported version of Windows should not have this issue when fully updated. There is no update for Windows needed for this issue. These changes are required to address a security issue and security compliance. For information, see KB4528489.

Back to topOS Build 18362.418

October 08, 2019
KB4517389Mitigated External
Last updated:
November 05, 2019
03:36 PM PT

Opened:
November 05, 2019
03:36 PM PT " - -- title: October 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Unable to create local users in Chinese, Japanese and Korean during device setup
When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

Note This issue does not affect using a Microsoft Account during OOBE.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue was resolved in KB4530684.

Back to top		OS Build 18362.356

September 10, 2019
KB4515384		Resolved
KB4530684		Resolved:
December 10, 2019
10:00 AM PT

Opened:
October 29, 2019
05:15 PM PT
- " - -- title: August 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive the error message, \"Updates Failed, There were problems installing some updates, but we'll try again later\" or \"Error 0x80073701\" on the Windows Update dialog or within Update history.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Resolution: This issue has been resolved for most users. If you are still having issues, please see KB4528159.

Back to top		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
Resolved:
November 12, 2019
08:11 AM PT

Opened:
August 16, 2019
01:41 PM PT
- " - -- title: May 2019 -- items: - - type: markdown - text: " - - - - - -
DetailsOriginating updateStatusHistory
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

To safeguard your upgrade experience, we have applied a hold on devices with affected Qualcomm driver from being offered Windows 10, version 1903 or Windows 10, version 1909, until the updated driver is installed.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903
Resolution: This issue was resolved with an updated Qualcomm Wifi driver and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1909 or Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved External
Last updated:
November 22, 2019
04:10 PM PT

Opened:
May 21, 2019
07:13 AM PT
Unable to discover or connect to Bluetooth devices using some Realtek adapters
Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903
  • Server: Windows 10, version 1909; Windows Server, version 1903
Resolution: This issue was resolved with an updated driver for the affected Realtek Bluetooth radio and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1909 or Windows 10, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved External
Last updated:
November 15, 2019
05:59 PM PT

Opened:
May 21, 2019
07:29 AM PT
Intel Audio displays an intcdaud.sys notification
Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).
  
To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809
Resolution: This issue was resolved with updated drivers from your device manufacturer (OEM) or Intel. The safeguard hold has been removed.

Note If you are still experiencing the issue described, please contact your device manufacturer (OEM).

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved External
Last updated:
November 12, 2019
08:04 AM PT

Opened:
May 21, 2019
07:22 AM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

Microsoft has identified some scenarios in which these features may have issues or stop working, for example:
  • Connecting to (or disconnecting from) an external monitor, dock, or projector
  • Rotating the screen
  • Updating display drivers or making other display mode changes
  • Closing full screen applications
  • Applying custom color profiles
  • Running applications that rely on custom gamma ramps
Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4505903 and the safeguard hold has been removed.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4505903		Resolved:
July 26, 2019
02:00 PM PT

Opened:
May 21, 2019
07:28 AM PT
- " diff --git a/windows/release-information/status-windows-10-1909.yml b/windows/release-information/status-windows-10-1909.yml index a8b1f36597..ac72f26612 100644 --- a/windows/release-information/status-windows-10-1909.yml +++ b/windows/release-information/status-windows-10-1909.yml @@ -64,10 +64,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- - -
SummaryOriginating updateStatusLast updated
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 18363.476

November 12, 2019
KB4524570		Resolved
KB4530684		December 10, 2019
10:00 AM PT
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some versions of Avast and AVG Antivirus.

See details >		N/A

Mitigated External
November 25, 2019
05:25 PM PT
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

See details >		OS Build 18363.476

November 12, 2019
KB4524570		Resolved External
November 22, 2019
04:10 PM PT
Unable to discover or connect to Bluetooth devices using some Realtek adapters
Microsoft has identified compatibility issues with some versions of Realtek Bluetooth radio drivers.

See details >		OS Build 18363.476

November 12, 2019
KB4524570		Resolved External
November 15, 2019
05:59 PM PT
" @@ -86,22 +83,3 @@ sections:
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some older versions of Avast Antivirus and AVG Antivirus that might still be installed by a small number of users. Any application from Avast or AVG that contains Antivirus version 19.5.4444.567 or earlier is affected.

To safeguard your upgrade experience, we have applied a hold on devices with affected Avast and AVG Antivirus from being offered or installing Windows 10, version 1903 or Windows 10, version 1909, until the application is updated.

Affected platforms:
Workaround: Before updating to Windows 10, version 1903 or Windows 10, version 1909, you will need to download and install an updated version of your Avast or AVG application. Guidance for Avast and AVG customers can be found in the following support articles:
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new version of your Avast or AVG application has been installed and the Windows 10, version 1903 or Windows 10, version 1909 feature update has been automatically offered to you.

Back to topN/A

Mitigated External
Last updated:
November 25, 2019
05:25 PM PT

Opened:
November 22, 2019
04:10 PM PT " - -- title: October 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Unable to create local users in Chinese, Japanese and Korean during device setup
When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

Note This issue does not affect using a Microsoft Account during OOBE.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Resolution: This issue was resolved in KB4530684.

Back to top		OS Build 18363.476

November 12, 2019
KB4524570		Resolved
KB4530684		Resolved:
December 10, 2019
10:00 AM PT

Opened:
October 29, 2019
05:15 PM PT
- " - -- title: May 2019 -- items: - - type: markdown - text: " - - - -
DetailsOriginating updateStatusHistory
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

To safeguard your upgrade experience, we have applied a hold on devices with affected Qualcomm driver from being offered Windows 10, version 1903 or Windows 10, version 1909, until the updated driver is installed.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903
Resolution: This issue was resolved with an updated Qualcomm Wifi driver and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1909 or Windows 10, version 1903.

Back to top		OS Build 18363.476

November 12, 2019
KB4524570		Resolved External
Last updated:
November 22, 2019
04:10 PM PT

Opened:
May 21, 2019
07:13 AM PT
Unable to discover or connect to Bluetooth devices using some Realtek adapters
Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903
  • Server: Windows 10, version 1909; Windows Server, version 1903
Resolution: This issue was resolved with an updated driver for the affected Realtek Bluetooth radio and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1909 or Windows 10, version 1903.

Back to top		OS Build 18363.476

November 12, 2019
KB4524570		Resolved External
Last updated:
November 15, 2019
05:59 PM PT

Opened:
May 21, 2019
07:29 AM PT
- " diff --git a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml index d20fb293cd..3db7d9a3ea 100644 --- a/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml +++ b/windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml @@ -60,7 +60,6 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- @@ -79,7 +78,6 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Printing from 32-bit apps might fail on a 64-bit OS
When attempting to print, you may receive an error or the application may stop responding or close.

See details >		August 13, 2019
KB4512489		Resolved
KB4525250		November 12, 2019
10:00 AM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4520005		Mitigated External
November 05, 2019
03:36 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
With previous dictionary updates installed, the Japanese IME doesn't show the new Japanese Era name as an input option.

See details >		April 25, 2019
KB4493443		Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		January 08, 2019
KB4480963		Mitigated
April 25, 2019
02:00 PM PT
-
DetailsOriginating updateStatusHistory
Printing from 32-bit apps might fail on a 64-bit OS
When attempting to print from a 32-bit app on a 64-bit operating system (OS), you may receive an error, or the application may stop responding or close. Note This issue only affects the 64-bit Security Only updates listed and does not affect any Monthly Rollup.

Affected platforms:
  • Client: Windows 8.1
  • Server: Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4525250. However, the issue occurs when you install only KB4512489 (released on August 13, 2019) without installing KB4507457, the previous Security Only update (released July 9, 2019). Reminder When using the Security Only updates, you must install the latest and all previous Security Only updates to ensure that the device contains all resolved security vulnerabilities.

Back to top		August 13, 2019
KB4512489		Resolved
KB4525250		Resolved:
November 12, 2019
10:00 AM PT

Opened:
November 27, 2019
04:02 PM PT
TLS connections might fail or timeout
Updates for Windows released October 8, 2019 or later provide protections, tracked by CVE-2019-1318, against an attack that could allow unauthorized access to information or data within TLS connections. This type of attack is known as a man-in-the-middle exploit. Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (RFC 7627). Lack of RFC support might cause one or more of the following errors or logged events:
  • \"The request was aborted: Could not create SSL/TLS secure Channel\"
  • SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"
Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2

Next Steps: Connections between two devices running any supported version of Windows should not have this issue when fully updated. There is no update for Windows needed for this issue. These changes are required to address a security issue and security compliance. For information, see KB4528489.

Back to top		October 08, 2019
KB4520005		Mitigated External
Last updated:
November 05, 2019
03:36 PM PT

Opened:
November 05, 2019
03:36 PM PT
" diff --git a/windows/release-information/status-windows-server-2012.yml b/windows/release-information/status-windows-server-2012.yml index 734e55f864..ae33c73b72 100644 --- a/windows/release-information/status-windows-server-2012.yml +++ b/windows/release-information/status-windows-server-2012.yml @@ -60,7 +60,6 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- @@ -79,7 +78,6 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Printing from 32-bit apps might fail on a 64-bit OS
When attempting to print, you may receive an error or the application may stop responding or close.

See details >		August 13, 2019
KB4512482		Resolved
KB4525253		November 12, 2019
10:00 AM PT
TLS connections might fail or timeout
Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.

See details >		October 08, 2019
KB4520007		Mitigated External
November 05, 2019
03:36 PM PT
Japanese IME doesn't show the new Japanese Era name as a text input option
With previous dictionary updates installed, the Japanese IME doesn't show the new Japanese Era name as an input option.

See details >		April 25, 2019
KB4493462		Mitigated
May 15, 2019
05:53 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).

See details >		January 08, 2019
KB4480975		Mitigated
April 25, 2019
02:00 PM PT
-
DetailsOriginating updateStatusHistory
Printing from 32-bit apps might fail on a 64-bit OS
When attempting to print from a 32-bit app on a 64-bit operating system (OS), you may receive an error, or the application may stop responding or close. Note This issue only affects the 64-bit Security Only updates listed and does not affect any Monthly Rollup.

Affected platforms:
  • Client: Windows 8.1
  • Server: Windows Server 2012 R2; Windows Server 2012
Resolution: This issue is resolved in KB4525253. However, the issue occurs when you install only KB4512482 (released on August 13, 2019) without installing KB4507447, the previous Security Only update (released July 9, 2019). Reminder When using the Security Only updates, you must install the latest and all previous Security Only updates to ensure that the device contains all resolved security vulnerabilities.

Back to top		August 13, 2019
KB4512482		Resolved
KB4525253		Resolved:
November 12, 2019
10:00 AM PT

Opened:
November 27, 2019
04:02 PM PT
TLS connections might fail or timeout
Updates for Windows released October 8, 2019 or later provide protections, tracked by CVE-2019-1318, against an attack that could allow unauthorized access to information or data within TLS connections. This type of attack is known as a man-in-the-middle exploit. Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (RFC 7627). Lack of RFC support might cause one or more of the following errors or logged events:
  • \"The request was aborted: Could not create SSL/TLS secure Channel\"
  • SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"
Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2

Next Steps: Connections between two devices running any supported version of Windows should not have this issue when fully updated. There is no update for Windows needed for this issue. These changes are required to address a security issue and security compliance. For information, see KB4528489.

Back to top		October 08, 2019
KB4520007		Mitigated External
Last updated:
November 05, 2019
03:36 PM PT

Opened:
November 05, 2019
03:36 PM PT
" diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index b3441dc375..e8c99b7485 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,6 +50,8 @@ sections: text: " + + diff --git a/windows/security/identity-protection/credential-guard/credential-guard-manage.md b/windows/security/identity-protection/credential-guard/credential-guard-manage.md index 610edeb54d..69155363d3 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-manage.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-manage.md @@ -86,6 +86,8 @@ You can do this by using either the Control Panel or the Deployment Image Servic ``` dism /image: /Enable-Feature /FeatureName:IsolatedUserMode ``` +> [!NOTE] +> In Windows 10, version 1607 and later, the Isolated User Mode feature has been integrated into the core operating system. Running the command in step 3 above is therefore no longer required. > [!NOTE] > You can also add these features to an online image by using either DISM or Configuration Manager. diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md b/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md index 72257804e5..d1efe88759 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-guide.md @@ -68,3 +68,5 @@ Following are the various deployment guides and models included in this topic: Windows Hello for Business provisioning begins immediately after the user has signed in, after the user profile is loaded, but before the user receives their desktop. Windows only launches the provisioning experience if all the prerequisite checks pass. You can determine the status of the prerequisite checks by viewing the **User Device Registration** in the **Event Viewer** under **Applications and Services Logs\Microsoft\Windows**. +> [!NOTE] +> You need to allow access to the URL account.microsoft.com to initiate Windows Hello for Business provisioning. This URL launches the subsequent steps in the provisioning process and is required to successfully complete Windows Hello for Business provisioning. This URL does not require any authentication and as such, does not collect any user data. diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md index 9874fcd53a..54e4021adc 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md @@ -58,6 +58,9 @@ To resolve this issue, the CRL distribution point must be a location that is acc If your CRL distribution point does not list an HTTP distribution point, then you need to reconfigure the issuing certificate authority to include an HTTP CRL distribution point, preferably first in the list of distribution points. +> [!NOTE] +> If your CA has published both the Base and the Delta CRL, please make sure you have included publishing the Delta CRL in the HTTP path. Include web server to fetch the Delta CRL by allowing double escaping in the (IIS) web server. + ### Windows Server 2016 Domain Controllers If you are interested in configuring your environment to use the Windows Hello for Business key rather than a certificate, then your environment must have an adequate number of Windows Server 2016 domain controllers. Only Windows Server 2016 domain controllers are capable of authenticating user with a Windows Hello for Business key. What do we mean by adequate? We are glad you asked. Read [Planning an adequate number of Windows Server 2016 Domain Controllers for Windows Hello for Business deployments](hello-adequate-domain-controllers.md) to learn more. @@ -335,6 +338,3 @@ Sign-in a workstation with access equivalent to a _domain user_. If you plan on using certificates for on-premises single-sign on, perform the additional steps in [Using Certificates for On-premises Single-sign On](hello-hybrid-aadj-sso-cert.md). - - - diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md index 8ed6db6fb4..f7a5eed854 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-prereqs.md @@ -118,6 +118,11 @@ Hybrid certificate trust deployments need the device write back feature. Authen > [!NOTE] > Windows Hello for Business is tied between a user and a device. Both the user and device need to be synchronized between Azure Active Directory and Active Directory, and therefore the device writeback is used to update the msDS-KeyCredentialLink on the computer object. +## Provisioning + +You need to allow access to the URL account.microsoft.com to initiate Windows Hello for Business provisioning. This URL launches the subsequent steps in the provisioning process and is required to successfully complete Windows Hello for Business provisioning. This URL does not require any authentication and as such, does not collect any user data. + + ### Section Checklist ### > [!div class="checklist"] > * Azure Active Directory Device writeback diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md index e2d7d4fc9c..16c17aa3f9 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-dir-sync.md @@ -31,7 +31,7 @@ In hybrid deployments, users register the public portion of their Windows Hello The key-trust model needs Windows Server 2016 domain controllers, which configures the key registration permissions automatically; however, the certificate-trust model does not and requires you to add the permissions manually. > [!IMPORTANT] -> If you already have a Windows Server 2016 domain controller in your domain, you can skip **Configure Permissions for Key Synchronization**. +> If you already have a Windows Server 2016 domain controller in your domain, you can skip **Configure Permissions for Key Synchronization**. In this case, you should use the pre-created group KeyAdmins in step 3 of the "Group Memberships for the Azure AD Connect Service Account" section of this article. ### Configure Permissions for Key Synchronization @@ -56,9 +56,6 @@ Sign-in a domain controller or management workstation with _Domain Admin_ equiva 1. Open **Active Directory Users and Computers**. 2. Click the **Users** container in the navigation pane. - >[!IMPORTANT] - > If you already have a Windows Server 2016 domain controller in your domain, use the Keyadmins group in the next step, otherwise use the KeyCredential admins group you previously created. - 3. Right-click either the **KeyAdmins** or **KeyCredential Admins** in the details pane and click **Properties**. 4. Click the **Members** tab and click **Add** 5. In the **Enter the object names to select** text box, type the name of the Azure AD Connect service account. Click **OK**. diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md index d2694a48af..d2b1de480f 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-prereqs.md @@ -40,7 +40,7 @@ Hybrid Windows Hello for Business needs two directories: on-premises Active Dire A hybrid Windows Hello for Business deployment needs an Azure Active Directory subscription. The hybrid key trust deployment, does not need a premium Azure Active Directory subscription. -You can deploy Windows Hello for Business in any environment with Windows Server 2008 R2 or later domain controllers. However, the key trust deployment needs an ***adequate*** number of Windows Server 2016 domain controllers at each site where users authenticate using Windows Hello for Business. Read the [Planning an adequate number of Windows Server 2016 Domain Controllers for Windows Hello for Business deployments](hello-adequate-domain-controllers.md) to learn more. +You can deploy Windows Hello for Business in any environment with Windows Server 2008 R2 or later domain controllers. However, the key trust deployment needs an ***adequate*** number of Windows Server 2016 or later domain controllers at each site where users authenticate using Windows Hello for Business. Read the [Planning an adequate number of Windows Server 2016 or later Domain Controllers for Windows Hello for Business deployments](hello-adequate-domain-controllers.md) to learn more. Review these requirements and those from the Windows Hello for Business planning guide and worksheet. Based on your deployment decisions you may need to upgrade your on-premises Active Directory or your Azure Active Directory subscription to meet your needs. @@ -125,7 +125,11 @@ Hybrid Windows Hello for Business deployments can use Azure’s Multifactor Auth ## Device Registration Organizations wanting to deploy hybrid key trust need their domain joined devices to register to Azure Active Directory. Just as a computer has an identity in Active Directory, that same computer has an identity in the cloud. This ensures that only approved computers are used with that Azure Active Directory. Each computer registers its identity in Azure Active Directory. - + +## Provisioning + +You need to allow access to the URL account.microsoft.com to initiate Windows Hello for Business provisioning. This URL launches the subsequent steps in the provisioning process and is required to successfully complete Windows Hello for Business provisioning. This URL does not require any authentication and as such, does not collect any user data. + ### Section Checklist diff --git a/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md b/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md index 5f6fb9480c..57a2493e4c 100644 --- a/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md +++ b/windows/security/identity-protection/hello-for-business/hello-key-trust-validate-pki.md @@ -196,7 +196,7 @@ Alternatively, you can forcefully trigger automatic certificate enrollment using Use the event logs to monitor certificate enrollment and archive. Review the configuration, such as publishing certificate templates to issuing certificate authority and the allow auto enrollment permissions. -## Follow the Windows Hello for Business on premises certificate trust deployment guide +## Follow the Windows Hello for Business on premises key trust deployment guide 1. [Validate Active Directory prerequisites](hello-key-trust-validate-ad-prereq.md) 2. Validate and Configure Public Key Infrastructure (*You are here*) 3. [Prepare and Deploy Windows Server 2016 Active Directory Federation Services](hello-key-trust-adfs.md) diff --git a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-sccm.md b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-sccm.md index 1b109aef97..9d1178639c 100644 --- a/windows/security/information-protection/windows-information-protection/create-wip-policy-using-sccm.md +++ b/windows/security/information-protection/windows-information-protection/create-wip-policy-using-sccm.md @@ -3,7 +3,7 @@ title: Create and deploy a Windows Information Protection (WIP) policy using Mic description: Use Configuration Manager to make & deploy a Windows Information Protection (WIP) policy. Choose protected apps, WIP-protection level, and find enterprise data. ms.assetid: 85b99c20-1319-4aa3-8635-c1a87b244529 ms.reviewer: -keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection, SCCM, Microsoft Endpoint Configuration Manager, Configuration Manager +keywords: WIP, Windows Information Protection, EDP, Enterprise Data Protection, SCCM, System Center Configuration Manager, Configuration Manager, MEMCM, Microsoft Endpoint Configuration Manager ms.prod: w10 ms.mktglfcycl: explore ms.sitesec: library @@ -15,7 +15,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 05/13/2019 +ms.date: 01/09/2020 --- # Create and deploy a Windows Information Protection (WIP) policy using Microsoft Endpoint Configuration Manager @@ -28,13 +28,16 @@ ms.date: 05/13/2019 Microsoft Endpoint Configuration Manager helps you create and deploy your Windows Information Protection (WIP) policy, including letting you choose your protected apps, your WIP-protection mode, and how to find enterprise data on the network. ## Add a WIP policy -After you’ve installed and set up Microsoft Endpoint Configuration Manager for your organization, you must create a configuration item for WIP, which in turn becomes your WIP policy. +After you’ve installed and set up Configuration Manager for your organization, you must create a configuration item for WIP, which in turn becomes your WIP policy. + +>[!TIP] +> Review the [Limitations while using Windows Information Protection (WIP)](limitations-with-wip.md) article before creating a new configuration item to avoid common issues. **To create a configuration item for WIP** -1. Open the Microsoft Endpoint Configuration Manager console, click the **Assets and Compliance** node, expand the **Overview** node, expand the **Compliance Settings** node, and then expand the **Configuration Items** node. +1. Open the Configuration Manager console, click the **Assets and Compliance** node, expand the **Overview** node, expand the **Compliance Settings** node, and then expand the **Configuration Items** node. - ![Microsoft Endpoint Configuration Manager, Configuration Items screen](images/wip-sccm-addpolicy.png) + ![Configuration Manager, Configuration Items screen](images/wip-sccm-addpolicy.png) 2. Click the **Create Configuration Item** button.

The **Create Configuration Item Wizard** starts. @@ -62,6 +65,7 @@ The **Create Configuration Item Wizard** starts. The **Configure Windows Information Protection settings** page appears, where you'll configure your policy for your organization. ## Add app rules to your policy + During the policy-creation process in Microsoft Endpoint Configuration Manager, you can choose the apps you want to give access to your enterprise data through WIP. Apps included in this list can protect data on behalf of the enterprise and are restricted from copying or moving enterprise data to unprotected apps. The steps to add your app rules are based on the type of rule template being applied. You can add a store app (also known as a Universal Windows Platform (UWP) app), a signed Windows desktop app, or an AppLocker policy file. @@ -297,7 +301,8 @@ For this example, we’re going to add an AppLocker XML file to the **App Rules* ``` 12. After you’ve created your XML file, you need to import it by using Microsoft Endpoint Configuration Manager. -**To import your Applocker policy file app rule using Microsoft Endpoint Configuration Manager** +**To import your Applocker policy file app rule using Configuration Manager** + 1. From the **App rules** area, click **Add**. The **Add app rule** box appears. @@ -506,3 +511,5 @@ After you’ve created your WIP policy, you'll need to deploy it to your organiz - [How to collect Windows Information Protection (WIP) audit event logs](collect-wip-audit-event-logs.md) - [General guidance and best practices for Windows Information Protection (WIP)](guidance-and-best-practices-wip.md) + +- [Limitations while using Windows Information Protection (WIP)](limitations-with-wip.md) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 067b229225..1a24b2cafd 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -121,6 +121,7 @@ ##### [DeviceInfo](microsoft-defender-atp/advanced-hunting-deviceinfo-table.md) ##### [DeviceNetworkInfo](microsoft-defender-atp/advanced-hunting-devicenetworkinfo-table.md) ##### [DeviceEvents](microsoft-defender-atp/advanced-hunting-deviceevents-table.md) +##### [DeviceFileCertificateInfoBeta](microsoft-defender-atp/advanced-hunting-devicefilecertificateinfobeta-table.md) ##### [DeviceNetworkEvents](microsoft-defender-atp/advanced-hunting-devicenetworkevents-table.md) ##### [DeviceProcessEvents](microsoft-defender-atp/advanced-hunting-deviceprocessevents-table.md) ##### [DeviceRegistryEvents](microsoft-defender-atp/advanced-hunting-deviceregistryevents-table.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md index 4d241c4a55..c7fd28fc75 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-alertevents-table.md @@ -26,7 +26,7 @@ ms.date: 10/08/2019 >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink) -The `AlertEvents` table in the [advanced hunting](advanced-hunting-overview.md) schema contains information about alerts on Microsoft Defender Security Center. Use this reference to construct queries that return information from the table. +The `AlertEvents` table in the [advanced hunting](advanced-hunting-overview.md) schema contains information about alerts in Microsoft Defender Security Center. Use this reference to construct queries that return information from the table. For information on other tables in the advanced hunting schema, see [the advanced hunting schema reference](advanced-hunting-schema-reference.md). diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfobeta-table.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfobeta-table.md new file mode 100644 index 0000000000..b3a718ead0 --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-devicefilecertificateinfobeta-table.md @@ -0,0 +1,59 @@ +--- +title: DeviceFileCertificateInfoBeta table in the advanced hunting schema +description: Learn about file signing information in the DeviceFileCertificateInfoBeta table of the advanced hunting schema +keywords: advanced hunting, threat hunting, cyber threat hunting, mdatp, windows defender atp, wdatp search, query, telemetry, schema reference, kusto, table, column, data type, description, digital signature, certificate, file signing, DeviceFileCertificateInfoBeta +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: lomayor +author: lomayor +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: article +ms.date: 01/14/2020 +--- + +# DeviceFileCertificateInfoBeta + +**Applies to:** + +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) + +>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhuntingref-abovefoldlink) + +[!include[Prerelease information](../../includes/prerelease.md)] + +The `DeviceFileCertificateInfoBeta` table in the [advanced hunting](advanced-hunting-overview.md) schema contains information about file signing certificates. This table uses data obtained from certificate verification activities regularly performed on files on endpoints. + +For information on other tables in the advanced hunting schema, see [the advanced hunting schema reference](advanced-hunting-schema-reference.md). + +| Column name | Data type | Description | +|-------------|-----------|-------------| +| `Timestamp` | datetime | Date and time when the event was recorded +| `DeviceId` | string | Unique identifier for the machine in the service +| `DeviceName` | string | Fully qualified domain name (FQDN) of the machine +| `SHA1` | string | SHA-1 of the file that the recorded action was applied to +| `IsSigned` | boolean | Indicates whether the file is signed +| `SignatureType` | string | Indicates whether signature information was read as embedded content in the file itself or read from an external catalog file +| `Signer` | string | Information about the signer of the file +| `SignerHash` | string | Unique hash value identifying the signer +| `Issuer` | string | Information about the issuing certificate authority (CA) +| `IssuerHash` | string | Unique hash value identifying issuing certificate authority (CA) +| `CrlDistributionPointUrls` | string | URL of the network share that contains certificates and the certificate revocation list (CRL) +| `CertificateCreationTime` | datetime | Date and time the certificate was created +| `CertificateExpirationTime` | datetime | Date and time the certificate is set to expire +| `CertificateCountersignatureTime` | datetime | Date and time the certificate was countersigned +| `IsTrusted` | boolean | Indicates whether the file is trusted based on the results of the WinVerifyTrust function, which checks for unknown root certificate information, invalid signatures, revoked certificates, and other questionable attributes +| `IsRootSignerMicrosoft` | boolean | Indicates whether the signer of the root certificate is Microsoft +| `ReportId` | long | Event identifier based on a repeating counter. To identify unique events, this column must be used in conjunction with the DeviceName and Timestamp columns. + + +## Related topics +- [Advanced hunting overview](advanced-hunting-overview.md) +- [Learn the query language](advanced-hunting-query-language.md) +- [Understand the schema](advanced-hunting-schema-reference.md) \ No newline at end of file diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md index e1cbdc7933..85f9a0c799 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-query-language.md @@ -23,8 +23,7 @@ ms.date: 10/08/2019 **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -> [!TIP] -> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink) +>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-abovefoldlink) Advanced hunting is based on the [Kusto query language](https://docs.microsoft.com/azure/kusto/query/). You can use Kusto syntax and operators to construct queries that locate information in the [schema](advanced-hunting-schema-reference.md) specifically structured for advanced hunting. To understand these concepts better, run your first query. @@ -141,5 +140,4 @@ For detailed information about the query language, see [Kusto query language doc - [Understand the schema](advanced-hunting-schema-reference.md) - [Apply query best practices](advanced-hunting-best-practices.md) -> [!TIP] -> Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-belowfoldlink) +>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-advancedhunting-belowfoldlink) diff --git a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md index 7c64003218..8eb7542ce5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md +++ b/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-schema-reference.md @@ -15,7 +15,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: article -ms.date: 10/08/2019 +ms.date: 01/14/2020 --- # Understand the advanced hunting schema @@ -47,6 +47,7 @@ Table and column names are also listed within the Microsoft Defender Security Ce | **[DeviceLogonEvents](advanced-hunting-devicelogonevents-table.md)** | Sign-ins and other authentication events | | **[DeviceImageLoadEvents](advanced-hunting-deviceimageloadevents-table.md)** | DLL loading events | | **[DeviceEvents](advanced-hunting-deviceevents-table.md)** | Multiple event types, including events triggered by security controls such as Windows Defender Antivirus and exploit protection | +| **[DeviceFileCertificateInfoBeta](advanced-hunting-devicefilecertificateinfobeta-table.md)** | Certificate information of signed files obtained from certificate verification events on endpoints | | **[DeviceTvmSoftwareInventoryVulnerabilities](advanced-hunting-tvm-softwareinventory-table.md)** | Inventory of software on devices as well as any known vulnerabilities in these software products | | **[DeviceTvmSoftwareVulnerabilitiesKB ](advanced-hunting-tvm-softwarevulnerability-table.md)** | Knowledge base of publicly disclosed vulnerabilities, including whether exploit code is publicly available | | **[DeviceTvmSecureConfigurationAssessment](advanced-hunting-tvm-configassessment-table.md)** | Threat & Vulnerability Management assessment events, indicating the status of various security configurations on devices | diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index 53c62c311d..43323ca96d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -19,6 +19,10 @@ ms.topic: conceptual # What's new in Microsoft Defender Advanced Threat Protection for Mac +## 100.82.60 + +- Addressed an issue where the product fails to start following a definition update. + ## 100.80.42 - Bug fixes diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md index 6cad2a8034..be43f23ee8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md @@ -63,7 +63,7 @@ The three most recent major releases of macOS are supported. - 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra) - Disk space: 650 MB -Beta versions of macOS are not supported. macOS Sierra (10.12) support will end on January 1, 2020. +Beta versions of macOS are not supported. macOS Sierra (10.12) support ended on January 1, 2020. After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints. diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md index 802f0fdc28..92ffe6cd6c 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-do-not-require-ctrl-alt-del.md @@ -19,7 +19,7 @@ ms.date: 04/19/2017 # Interactive logon: Do not require CTRL+ALT+DEL **Applies to** -- Windows 10 +- Windows 10 Describes the best practices, location, values, and security considerations for the **Interactive logon: Do not require CTRL+ALT+DEL** security policy setting. @@ -27,7 +27,7 @@ Describes the best practices, location, values, and security considerations for This security setting determines whether pressing CTRL+ALT+DEL is required before a user can log on. -If this policy setting is enabled on a device, a user is not required to press CTRL+ALT+DEL to log on. Not having to press CTRL+ALT+DEL leaves users susceptible to attacks that attempt to intercept the users' passwords. Requiring CTRL+ALT+DEL before users log on ensures that users are communicating by means of a trusted path when entering their passwords. +If this policy setting is enabled on a device, a user is not required to press CTRL+ALT+DEL to log on. If this policy is disabled, any user is required to press CTRL+ALT+DEL before logging on to the Windows operating system (unless they are using a smart card for logon). @@ -37,13 +37,13 @@ A malicious user might install malware that looks like the standard logon dialog ### Possible values -- Enabled -- Disabled -- Not defined +- Enabled +- Disabled +- Not defined ### Best practices -- It is advisable to set **Disable CTRL+ALT+DEL requirement for logon** to **Not configured**. +- It is advisable to set **Disable CTRL+ALT+DEL requirement for logon** to **Not configured**. ### Location diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/tamperattemptalert.png b/windows/security/threat-protection/windows-defender-antivirus/images/tamperattemptalert.png new file mode 100644 index 0000000000..82a7cebf32 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/tamperattemptalert.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/tamperprotectionturnedon.png b/windows/security/threat-protection/windows-defender-antivirus/images/tamperprotectionturnedon.png new file mode 100644 index 0000000000..37604390f6 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/tamperprotectionturnedon.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/turnontamperprotect-consumer.png b/windows/security/threat-protection/windows-defender-antivirus/images/turnontamperprotect-consumer.png new file mode 100644 index 0000000000..87b8811411 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/turnontamperprotect-consumer.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/turnontamperprotect-enterprise.png b/windows/security/threat-protection/windows-defender-antivirus/images/turnontamperprotect-enterprise.png new file mode 100644 index 0000000000..0bb53680a3 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/turnontamperprotect-enterprise.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/turnontamperprotect-intune.png b/windows/security/threat-protection/windows-defender-antivirus/images/turnontamperprotect-intune.png new file mode 100644 index 0000000000..b0a6b01f23 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/turnontamperprotect-intune.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 5b4eaf3994..fd8a8ed4db 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -35,15 +35,7 @@ With tamper protection, malicious apps are prevented from taking actions like th - Disabling cloud-delivered protection - Removing security intelligence updates -Tamper protection now integrates with [Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt). Security recommendations include a check to make sure tamper protection is turned on. - -![Tamper protection results in security recommendations](../images/securityrecs-tamperprotect.jpg) - -In the results, you can select **Turn on Tamper Protection** to learn more and turn it on. - -![Turn on tamper protection](images/turnontamperprotection.png) - -## How it works +### How it works Tamper protection essentially locks Windows Defender Antivirus and prevents your security settings from being changed through apps and methods like these: - Configuring settings in Registry Editor on your Windows machine @@ -55,9 +47,15 @@ Tamper protection doesn't prevent you from viewing your security settings. And, ### What do you want to do? -[Turn tamper protection on (or off) for an individual machine using Windows Security](#turn-tamper-protection-on-or-off-for-an-individual-machine) +1. Turn tamper protection on
+ - [For an individual machine, use Windows Security](#turn-tamper-protection-on-or-off-for-an-individual-machine). + - [For your organization, use Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune). -[Turn tamper protection on (or off) for your organization using Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune) +2. [View information about tampering attempts](#view-information-about-tampering-attempts). + +3. [Review your security recommendations](#review-your-security-recommendations). + +4. [Browse the frequently asked questions](#view-information-about-tampering-attempts). ## Turn tamper protection on (or off) for an individual machine @@ -76,6 +74,10 @@ If you are a home user, or you are not subject to settings managed by a security 3. Set **Tamper Protection** to **On** or **Off**. +Here's what you see in the Windows Security app: + +![Tamper protection turned on in Windows 10 Home](images/tamperprotectionturnedon.png) + ## Turn tamper protection on (or off) for your organization using Intune If you are part of your organization's security team, you can turn tamper protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune). (This feature is rolling out now; if you don't have it yet, you should very soon, assuming your organization has [Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md) (Microsoft Defender ATP) and that you meet the prerequisites listed below.) @@ -86,29 +88,37 @@ You must have appropriate [permissions](../microsoft-defender-atp/assign-portal- - Your organization must have [Microsoft Defender ATP E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) (this is included in Microsoft 365 E5. See [Microsoft 365 Enterprise overview](https://docs.microsoft.com/microsoft-365/enterprise/microsoft-365-overview) for more details.) - Your organization's devices must be managed by [Intune](https://docs.microsoft.com/intune/device-management-capabilities). - - Your Windows machines must be running [Windows OS 1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709) or later. - - You must be using Windows security with [security intelligence](https://www.microsoft.com/wdsi/definitions) updated to version 1.287.60.0 (or above) + - Your Windows machines must be running Windows OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019) or later. (See [Windows 10 release information](https://docs.microsoft.com/windows/release-information/) for more details about releases.) + - You must be using Windows security with [security intelligence](https://www.microsoft.com/wdsi/definitions) updated to version 1.287.60.0 (or above). - Your machines must be using anti-malware platform version 4.18.1906.3 (or above) and anti-malware engine version 1.1.15500.X (or above). (See [Manage Windows Defender Antivirus updates and apply baselines](manage-updates-baselines-windows-defender-antivirus.md).) 2. Go to the Microsoft 365 Device Management portal ([https://devicemanagement.microsoft.com](https://devicemanagement.microsoft.com)) and sign in with your work or school account. 3. Select **Device configuration** > **Profiles**. -4. Create a profile that includes the following settings: +4. Create a profile as follows: - - **Platform**: Windows 10 and later + - Platform: **Windows 10 and later** - - **ProfileType**: Endpoint protection - - - **Settings** > Windows Defender Security Center > Tamper Protection + - Profile type: **Endpoint protection** + + - Category: **Microsoft Defender Security Center** + + - Tamper Protection: **Enabled** + + ![Turn tamper protection on with Intune](images/turnontamperprotect-intune.png) 5. Assign the profile to one or more groups. -### Are you using Windows OS 1709? +Here's what you see in the Windows Security app: -If you are using Windows OS 1709, you don't have the Windows Security app on your computer. In this case, the one of the following procedures to determine whether tamper protection is enabled. +![Turning tamper protection on in Windows 10 Enterprise](images/turnontamperprotect-enterprise.png) -#### To determine whether tamper protection is turned on by using PowerShell +### Are you using Windows OS 1709, 1803, or 1809? + +If you are using Windows OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), or [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019), you won't see **Tamper Protection** in the Windows Security app. In this case, the one of the following procedures to determine whether tamper protection is enabled. + +#### Use PowerShell to determine whether tamper protection is turned 1. Open the Windows PowerShell app. @@ -116,7 +126,7 @@ If you are using Windows OS 1709, you don't have the Windows Security app on you 3. In the list of results, look for `IsTamperProtected`. (A value of *true* means tamper protection is enabled.) -#### To determine whether tamper protection is turned on by viewing a registry key +#### View a registry key value to determine whether tamper protection is turned on 1. Open the Registry Editor app. @@ -126,11 +136,33 @@ If you are using Windows OS 1709, you don't have the Windows Security app on you - If you see **TamperProtection** with a value of **0**, tamper protection is not turned on. - If you do not see **TamperProtection** at all, tamper protection is not turned on. +## View information about tampering attempts + +Tampering attempts typically indicate bigger cyberattacks. Bad actors try to change security settings as a way to persist and stay undetected. If you're part of your organization's security team, you can view information about such attempts, and then take appropriate actions to mitigate threats. + +When a tampering attempt is detected, an alert is raised in the [Microsoft Defender Security Center](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/portal-overview) ([https://securitycenter.windows.com](https://securitycenter.windows.com)). + +![Microsoft Defender Security Center](images/tamperattemptalert.png) + +Using [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) and [advanced hunting](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview) capabilities in Microsoft Defender ATP, your security operations team can investigate and address such attempts. + +## Review your security recommendations + +Tamper protection integrates with [Threat & Vulnerability Management](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt) capabilities. [Security recommendations](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation) include making sure tamper protection is turned on. For example, you can search on *tamper*, as shown in the following image: + +![Tamper protection results in security recommendations](../images/securityrecs-tamperprotect.jpg) + +In the results, you can select **Turn on Tamper Protection** to learn more and turn it on. + +![Turn on tamper protection](tamperprotectsecurityrecos.png) + +To learn more about Threat & Vulnerability Management, see [Threat & Vulnerability Management in Microsoft Defender Security Center](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights#threat--vulnerability-management-in-microsoft-defender-security-center). + ## Frequently asked questions ### To which Windows OS versions is configuring tamper protection is applicable? -[Windows 1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709) or later together with [Microsoft Defender Advanced Threat Protection E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp). +Windows OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019), or later together with [Microsoft Defender Advanced Threat Protection E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp). ### Is configuring tamper protection in Intune supported on servers? @@ -138,7 +170,7 @@ No ### Will tamper protection have any impact on third party antivirus registration? -No, third-party antivirus will continue to register with the Windows Security application. +No. Third-party antivirus offerings will continue to register with the Windows Security application. ### What happens if Windows Defender Antivirus is not active on a device? @@ -150,11 +182,9 @@ If you are a home user, see [Turn tamper protection on (or off) for an individua If you are an organization using [Microsoft Defender ATP E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp), you should be able to manage tamper protection in Intune similar to how you manage other endpoint protection features. See [Turn tamper protection on (or off) for your organization using Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune). - ### How does configuring tamper protection in Intune affect how I manage Windows Defender Antivirus through my group policy? -Your regular group policy doesn’t apply to tamper protection, and changes to Windows Defender Antivirus settings will be ignored when tamper protection is on. - +Your regular group policy doesn’t apply to tamper protection, and changes to Windows Defender Antivirus settings are ignored when tamper protection is on. >[!NOTE] >A small delay in Group Policy (GPO) processing may occur if Group Policy settings include values that control Windows Defender Antivirus features protected by tamper protection. To avoid any potential delays, we recommend that you remove settings that control Windows Defender Antivirus related behavior from GPO and simply allow tamper protection to protect Windows Defender Antivirus settings.

@@ -166,14 +196,13 @@ Value DisableAntiSpyware = 0

Computer Configuration\Administrative Templates\Windows Components\Windows Defender Antivirus\Real-time Protection\ Value DisableRealtimeMonitoring = 0 - ### For Microsoft Defender ATP E5, is configuring tamper protection in Intune targeted to the entire organization only? -Configuring tamper protection in Intune can be targeted to your entire organization as well as to devices and user groups with Intune. +Configuring tamper protection in Intune can be targeted to your entire organization as well as to specific devices and user groups. ### Can I configure tamper protection in System Center Configuration Manager? -Currently we do not have support to manage tamper protection through System Center Configuration Manager. +Currently, managing tamper protection through System Center Configuration Manager is not supported. ### I have the Windows E3 enrollment. Can I use configuring tamper protection in Intune? @@ -181,7 +210,7 @@ Currently, configuring tamper protection in Intune is only available for custome ### What happens if I try to change Microsoft Defender ATP settings in Intune, System Center Configuration Manager, and Windows Management Instrumentation when tamper protection is enabled on a device? -You won’t be able to change the features that are protected by tamper protection; those change requests are ignored. +You won’t be able to change the features that are protected by tamper protection; such change requests are ignored. ### I’m an enterprise customer. Can local admins change tamper protection on their devices? @@ -199,16 +228,16 @@ In addition, your security operations team can use hunting queries, such as the `AlertEvents | where Title == "Tamper Protection bypass"` +[View information about tampering attempts](#view-information-about-tampering-attempts). + ### Will there be a group policy setting for tamper protection? No. -## Related resources - -[Windows 10 Enterprise Security](https://docs.microsoft.com/windows/security/index) +## Related articles [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](https://docs.microsoft.com/intune/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune) -[Microsoft 365 Enterprise overview (at a glance)](https://docs.microsoft.com/microsoft-365/enterprise/microsoft-365-overview#at-a-glance) +[Get an overview of Microsoft Defender ATP E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) -[Microsoft Defender ATP E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp) +[Better together: Windows Defender Antivirus and Microsoft Defender Advanced Threat Protection](why-use-microsoft-antivirus.md) diff --git a/windows/security/threat-protection/windows-defender-antivirus/tamperprotectsecurityrecos.png b/windows/security/threat-protection/windows-defender-antivirus/tamperprotectsecurityrecos.png new file mode 100644 index 0000000000..69485c42e9 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/tamperprotectsecurityrecos.png differ diff --git a/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md index 133cd1426f..8f28ada884 100644 --- a/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/audit-windows-defender-application-control-policies.md @@ -40,7 +40,7 @@ Before you begin this process, you need to create a WDAC policy binary file. If > > - An alternative method to test a policy is to rename the test file to SIPolicy.p7b and drop it into C:\\Windows\\System32\\CodeIntegrity, rather than deploy it by using the Local Group Policy Editor. -3. Navigate to **Computer Configuration\\Administrative Templates\\System\\Windows Defender Device Guard**, and then select **Deploy Windows Defender Application Control**. Enable this setting by using the appropriate file path, for example, C:\\Windows\\System32\\CodeIntegrity\\DeviceGuardPolicy.bin, as shown in Figure 1. +3. Navigate to **Computer Configuration\\Administrative Templates\\System\\Device Guard**, and then select **Deploy Windows Defender Application Control**. Enable this setting by using the appropriate file path, for example, C:\\Windows\\System32\\CodeIntegrity\\DeviceGuardPolicy.bin, as shown in Figure 1. > [!Note] > diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index 9633a7cf60..26bd6f527f 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md @@ -67,7 +67,7 @@ You can set several rule options within a WDAC policy. Table 1 describes each ru | **15 Enabled:Invalidate EAs on Reboot** | When the Intelligent Security Graph option (14) is used, WDAC sets an extended file attribute that indicates that the file was authorized to run. This option will cause WDAC to periodically re-validate the reputation for files that were authorized by the ISG.| | **16 Enabled:Update Policy No Reboot** | Use this option to allow future WDAC policy updates to apply without requiring a system reboot. | | **17 Enabled:Allow Supplemental Policies** | Use this option on a base policy to allow supplemental policies to expand it. | -| **18 Disabled:Runtime FilePath Rule Protection** | Disable default FilePath rule protection of enforcing user-writeability and only allowing admin-writeable locations. | +| **18 Disabled:Runtime FilePath Rule Protection** | Disable default FilePath rule protection (apps and executables allowed based on file path rules must come from a file path that’s only writable by an administrator) for the path specified in the FilePathRule parameter of the New-CIPolicyRule cmdlet. | | **19 Enabled:Dynamic Code Security** | Enables policy enforcement for .NET applications and dynamically-loaded libraries. | ## Windows Defender Application Control file rule levels

MessageDate
Take action: January 2020 security update available for all supported versions of Windows
The January 2020 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
January 14, 2020
08:00 AM PT
Advisory: Windows CryptoAPI certificate validation vulnerability
On January 14, 2020, Microsoft released security updates to address an elliptic-curve cryptography (ECC) certificate validation issue in the Windows CryptoAPI. This vulnerability applies to all versions of the Windows 10 operating system, client and server. While we have not observed an attack exploiting this vulnerability, we recommend that you apply this update to all of your Windows 10 devices with priority. Here is what you need to know:
  • If you are running a supported version of Windows 10 and have automatic updates enabled, you are automatically protected and do not need to take any further action.
  • If you are managing updates on behalf of your organization, you should download the latest updates from the Microsoft Security Update Guide and apply those updates to your Windows 10 devices and servers as soon as possible.
If you are running an unsupported version of Windows 10, we recommend that you upgrade to the current version of Windows 10 to benefit from the latest security protections. For more information about this vulnerability, see the Microsoft Security Guidance for CVE-2020-0601 and the Microsoft Security Response Center blog, January 2020 Security Updates: CVE-2020-0601.
January 14, 2020
08:00 AM PT
Take action: December 2019 security update available for all supported versions of Windows
The December 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1909 and all supported versions of Windows. We recommend that you install these updates promptly. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. To be informed about the latest updates and releases, follow us on Twitter @WindowsUpdate.
December 10, 2019
08:00 AM PT
Timing of Windows 10 optional update releases (December 2019)
For the balance of this calendar year, there will be no optional non-security “C” and “D” releases for Windows 10. The \"C\" releases normally target the third week of the month, with \"D\" releases targeting the fourth week. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer.
December 10, 2019
08:00 AM PT
Windows 10, version 1909 now available
Learn how to get Windows 10, version 1909 (the November 2019 Update), and explore how we’ve worked to make this a great experience for all devices, including a new, streamlined (and fast) update experience for devices updating directly from the May 2019 Update.
November 12, 2019
10:00 AM PT